Resistance is futile: The iPhone has won. Try as you may to maintain the great corporate barrier against employees using the latest smartphones on your network, the iPhone has or will soon enter your business and connect to your IT systems, and Google's Android devices such as the Droid series are not far behind. In fact, many CIOs and CSOs have already stopped resisting and are instead putting their energies to greater use: figuring out how to say yes to smartphones that are quickly becoming key business devices.
Sure, devices such as the iPhone have strong personal utility and appeal, but they are also increasingly able to meet core corporate security and management needs. The PC revolution 25 years ago blurred the distinction between "business" and "personal." Today's mobile devices are meeting IT halfway, permanently ending any pretence of a hard line. Now it's your turn to figure out how to make the most of the smartphone revolution.
This guide will help you say yes to the latest mobile devices, beginning with security capabilities, which remain a core concern for most organizations. To address this issue, I've created four classes to cover most businesses' security needs. I then explain how to ensure that each mainstream mobile device can meet those requirements, noting clearly when a particular device is ill-suited to your environment. Your obligations may vary, but you can fine-tune your smartphone strategy by starting with the closest-fitting category.
There are hundreds, if not thousands, of smartphones and "featurephones" (cell phones with the carriers' own apps), but most don't matter when it comes to business usage, which revolves around email, calendars, contacts, to-dos, applications, and data access. To hone your pursuits, I've focused on Apple's iPhone (including the iPod Touch and iPad), Google Android OS 2.x devices, Microsoft Windows Mobile, business-oriented Nokia Symbian devices (such as the S60 and E71), and Research in Motion's BlackBerry. Palm's WebOS-based Pre hasn't gained traction, and analysts and mobile management vendors agree it's not likely a factor for most businesses, but I've included it just in case.
Given the importance of email on mobile devices, I also note considerations for the main business email platforms -- IBM Lotus Domino/Notes, Microsoft Exchange, and Novell GroupWise -- and explain when it might make sense to use a third-party mobile management product. Be aware that most of those products don't really add security capabilities. Some simplify the provisioning of the devices' native security capabilities, but most are focused on monitoring and managing your cellular telecom spend, tracking the devices as assets, and giving IT basic status information for help desk support. Rather than adding yet another management tool, you may want to opt out of the smartphone-provisioning business altogether, which may solve the accounting issues these management platforms have been devised to address.
Keep in mind that mobile is a moving target. The advice that follows is based on what is available today, but there are upcoming changes to keep in mind. The iOS 4.0 released on June 21 will amp up the iPhone's corporate capabilities and fit, as well as make it easier for third-party mobile management tools to manage the iPhone in the same way many organizations use RIM's BlackBerry Enterprise Server to track the BlackBerry.
Another upcoming change of note is Novell's beta of its forthcoming Data Synchronizer Mobility Pack, an add-on to GroupWise 8 that includes Microsoft's Exchange ActiveSync (EAS) services. With it, you can manage EAS-compatible devices such as the iPhone and Windows Mobile as you could with Microsoft Exchange Server. Maybe Novell will finally get serious about mobile -- I know several big customers poised to dump GroupWise if it doesn't.
Finally, Microsoft says its new Windows Phone 7 OS, to ship around the Christmas holidays, will have the same security and management capabilities as today's Windows Mobile platform.
How to say yes, no matter what type of business you are
- The four security categories defined: Which is your business?
- Category 1: Accessing and securing routine business information
- Category 2: Accessing and securing important business information
- Category 3: Accessing and securing sensitive business information
- Category 4: Accessing and securing top-secret business information
- Chart: How each smartphone platform compares